Security

Presentation Transcript


  1. Security Chapter 7 B.Ramamurthy

  2. Introduction
     • What is the security model of your system?
     • There are many issues:
       1. Security
       2. Authentication
       3. Authorization
       4. Privacy of data
       5. Integrity of data and communications
     • Authentication: validating the user and the messages sent by the authenticated user. Biometrics; private-public key pair.
     • Authorization: refers to access control of resources after a user/message has been authenticated.
     • Privacy and integrity through encryption.
     • These are especially critical for cloud-hosted systems: issues (1, 4, 5) above are hot research issues in the context of cloud computing.

  3. Encryption
     • Most schemes include algorithms for encrypting and decrypting messages based on secret codes called keys.
     • Two common models:
       • Shared secret keys
       • Public/private key pairs: A message encrypted with the public key of the receiver can be decrypted only by the private key of the recipient.

  4. Cryptographic Algorithms
     • Plain text → cipher text → decipher text
     • E(K,M) = {M}_K where E is the encryption function, M is the message and K is the key.
     • Decryption:
       • D(K,E(K,M)) = M
     • When the same key is used in encrypting and decrypting, it is called symmetric cryptography.

  5. [Figure: Stream cipher. A number generator (n+1, n+2, n+3) feeds E(K, M) to produce a keystream held in a buffer; the keystream is XORed with the plaintext stream to give the ciphertext stream.]

  6. Cryptographic algorithms
     • Shannon’s principles of cryptography: introduce “confusion” (XORing, bit shifting etc.) and “diffusion” (adding noise bits to diffuse the information).
     • We will look at the Tiny Encryption Algorithm (TEA) as an example of a symmetric algorithm and Rivest, Shamir and Adleman (RSA) as an example of an asymmetric algorithm.

  7. TEA Encryption Function

         #include <stdint.h>

         /* TEA operates on 32-bit words. unsigned long is 64 bits on many
            platforms, so fixed-width uint32_t is used for key and text. */
         void encrypt(uint32_t k[], uint32_t text[])
         {
             uint32_t y = text[0], z = text[1];
             uint32_t delta = 0x9e3779b9, sum = 0;
             int n;
             for (n = 0; n < 32; n++) {
                 sum += delta;
                 y += ((z << 4) + k[0]) ^ (z + sum) ^ ((z >> 5) + k[1]);
                 z += ((y << 4) + k[2]) ^ (y + sum) ^ ((y >> 5) + k[3]);
             }
             text[0] = y; text[1] = z;
         }

  8. TEA decryption function

         void decrypt(uint32_t k[], uint32_t text[])
         {
             uint32_t y = text[0], z = text[1];
             uint32_t delta = 0x9e3779b9, sum = delta << 5;  /* 32 * delta, wrapped to 32 bits */
             int n;
             for (n = 0; n < 32; n++) {
                 z -= ((y << 4) + k[2]) ^ (y + sum) ^ ((y >> 5) + k[3]);
                 y -= ((z << 4) + k[0]) ^ (z + sum) ^ ((z >> 5) + k[1]);
                 sum -= delta;
             }
             text[0] = y; text[1] = z;
         }

  9. TEA in use

         #include <stdio.h>
         #include <string.h>

         void tea(char mode, FILE *infile, FILE *outfile, uint32_t k[])
         {
             /* mode is 'e' for encrypt, 'd' for decrypt, k[] is the key. */
             unsigned char Text[8];
             uint32_t block[2];
             size_t i;

             while ((i = fread(Text, 1, 8, infile)) > 0) {  /* read 8 bytes from infile into Text */
                 while (i < 8) { Text[i++] = ' '; }         /* pad last block with spaces */
                 memcpy(block, Text, 8);                    /* copy rather than cast a char buffer to a word pointer */
                 switch (mode) {
                 case 'e': encrypt(k, block); break;
                 case 'd': decrypt(k, block); break;
                 }
                 memcpy(Text, block, 8);
                 fwrite(Text, 1, 8, outfile);               /* write 8 bytes from Text to outfile */
             }
         }
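
Because tea() encrypts every 8-byte block on its own, equal plaintext blocks produce equal ciphertext blocks. The following added example (not part of the original slides) shows that and, going beyond the slide, the same TEA function chained in CBC mode; the key, IV, sample plaintext and the helper names ecb_encrypt, cbc_encrypt and blocks_repeat are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TEA block encryption as on the slide, using 32-bit words. */
static void tea_encrypt(const uint32_t k[4], uint32_t text[2]) {
    uint32_t y = text[0], z = text[1], delta = 0x9e3779b9, sum = 0;
    for (int n = 0; n < 32; n++) {
        sum += delta;
        y += ((z << 4) + k[0]) ^ (z + sum) ^ ((z >> 5) + k[1]);
        z += ((y << 4) + k[2]) ^ (y + sum) ^ ((y >> 5) + k[3]);
    }
    text[0] = y; text[1] = z;
}

/* What tea() does: every 8-byte block is encrypted independently (ECB). */
static void ecb_encrypt(const uint32_t k[4], uint32_t *buf, size_t nblocks) {
    for (size_t i = 0; i < nblocks; i++) tea_encrypt(k, buf + 2 * i);
}

/* CBC: XOR each plaintext block with the previous ciphertext block (IV first). */
static void cbc_encrypt(const uint32_t k[4], const uint32_t iv[2],
                        uint32_t *buf, size_t nblocks) {
    const uint32_t *prev = iv;
    for (size_t i = 0; i < nblocks; i++) {
        buf[2 * i] ^= prev[0];
        buf[2 * i + 1] ^= prev[1];
        tea_encrypt(k, buf + 2 * i);
        prev = buf + 2 * i;
    }
}

/* Constructed key and IV; a real IV must be fresh and unpredictable per message. */
static const uint32_t KEY[4] = { 0x01234567, 0x89abcdef, 0xfedcba98, 0x76543210 };
static const uint32_t IV[2]  = { 0xdeadbeef, 0x0badf00d };

/* Encrypts two identical plaintext blocks; returns 1 if the ciphertext blocks match. */
static int blocks_repeat(int use_cbc) {
    uint32_t buf[4];
    memcpy(buf, "PAY 100 PAY 100 ", 16);   /* constructed sample plaintext */
    if (use_cbc) cbc_encrypt(KEY, IV, buf, 2);
    else         ecb_encrypt(KEY, buf, 2);
    return memcmp(buf, buf + 2, 8) == 0;
}

int main(void) {
    printf("ECB repeats: %d, CBC repeats: %d\n", blocks_repeat(0), blocks_repeat(1));
    return 0;
}
```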

  10. Cryptography
      • Cryptography is the basis for authentication of messages.
      • Selection of cryptographic algorithms and management of keys are critical issues for effectiveness, performance and usefulness of security mechanisms.
      • Public-key cryptography is good for key distribution but inadequate for encryption of bulk data.
      • Secret-key cryptography is suitable for bulk encryption tasks.
      • Hybrid protocols such as SSL (Secure Sockets Layer) establish a secure channel using public-key cryptography and then use it to exchange secret keys for subsequent data exchanges.

  11. Let's look at a use of ssh-keygen
      • Let's ssh to a server and observe what happens.
      • To ssh to a system without username/password:
        • A personal private/public key pair is generated using the ssh-keygen command.
        • The public key is then copied onto a remote system’s .ssh/authorized_keys file.
        • You can now SSH to the remote system's account without the use of a password.
      • To control access to a remote system from your client:
        • Generate a public-private key pair with a pass-phrase.
        • If anybody else wants to log in to a server from your system, it will request the pass-phrase.
      • Study man ssh-keygen.
      • Next, let's review the underlying principle behind the public-key/private-key pair (PKI: public key infrastructure).

  12. RSA Encryption
      To find a key pair e, d:
      1. Choose two large prime numbers, P and Q (each greater than 10^100), and form:
             N = P x Q
             Z = (P–1) x (Q–1)
      2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z).
         We illustrate the computations involved using small integer values for P and Q:
             P = 13, Q = 17 –> N = 221, Z = 192
             d = 5
      3. To find e solve the equation:
             e x d = 1 mod Z
         That is, e x d is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... .
             e x d = 1 mod 192 = 1, 193, 385, ...
             385 is divisible by d
             e = 385/5 = 77

  13. RSA Encryption (contd.)
      To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where 2^k < N (that is, such that the numerical value of a block is always less than N; in practical applications, k is usually in the range 512 to 1024).
          k = 7, since 2^7 = 128
      The function for encrypting a single block of plaintext M is:
          (N = P x Q = 13 x 17 = 221), e = 77, d = 5:
          E'(e,N,M) = M^e mod N
      For a message M, the ciphertext is M^77 mod 221.
      The function for decrypting a block of encrypted text c to produce the original plaintext block is:
          D'(d,N,c) = c^d mod N
      The two parameters e,N can be regarded as a key for the encryption function, and similarly d,N represent a key for the decryption function. So we can write K_e = <e,N> and K_d = <d,N>, and we get the encryption function E(K_e, M) = {M}_K (the notation here indicating that the encrypted message can be decrypted only by the holder of the private key K_d) and D(K_d, {M}_K) = M.
      <e,N>: public key; d: private key for a station.

  14. Application of RSA
      • Let's say a person in Atlanta wants to send a message M to a person in Buffalo:
        • Atlanta encrypts the message using Buffalo’s public key B → E(M,B)
        • Only Buffalo can read it using its private key b: E(b, E(M,B)) → M
      • In other words, for any public/private key pair determined as previously shown, the encrypting function holds two properties:
        • E(p, E(M,P)) → M
        • E(P, E(M,p)) → M

  15. How can you authenticate “sender”?
      • (In real life you will use signatures: the concept of signatures is introduced.)
      • Instead of sending just a simple message, Atlanta will send a signed message signed by Atlanta’s private key:
        • E(B,E(M,a))
      • Buffalo will first decrypt using its private key and use Atlanta’s public key to decrypt the signed message:
        • E(b, E(B,E(M,a))) → E(M,a)
        • E(A,E(M,a)) → M
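
The key derivation of slides 12 and 13 and the signed exchange of slide 15, carried through in C as an added example that is not part of the original slides. Buffalo uses the slides' pair (N = 221, d = 5, e = 77); Atlanta's pair (P = 11, Q = 17, d = 3) and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Square-and-multiply: base^exp mod n (all values here fit easily in 64 bits). */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t n) {
    uint64_t result = 1;
    for (base %= n; exp > 0; exp >>= 1) {
        if (exp & 1) result = (result * base) % n;
        base = (base * base) % n;
    }
    return result;
}

/* Step 3: solve e*d = 1 mod Z by extended Euclid; 0 if d shares a factor with Z. */
static uint64_t find_e(int64_t d, int64_t z) {
    int64_t r0 = z, r1 = d, t0 = 0, t1 = 1;
    while (r1 != 0) {
        int64_t q = r0 / r1, tmp;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    return r0 != 1 ? 0 : (uint64_t)(t0 < 0 ? t0 + z : t0);
}

/* Buffalo: the slides' pair (P=13, Q=17, d=5). Atlanta: constructed (P=11, Q=17, d=3). */
enum { B_N = 13 * 17, B_Z = 12 * 16, B_D = 5, A_N = 11 * 17, A_Z = 10 * 16, A_D = 3 };

/* Sender: sign with Atlanta's private key, then encrypt to Buffalo (sig < B_N as A_N < B_N). */
static uint64_t sign_then_encrypt(uint64_t m) {
    uint64_t sig = modpow(m, A_D, A_N);               /* E(M, a)       */
    return modpow(sig, find_e(B_D, B_Z), B_N);        /* E(B, E(M, a)) */
}

/* Receiver: Buffalo's private key first, then Atlanta's public key. */
static uint64_t decrypt_then_verify(uint64_t c) {
    uint64_t sig = modpow(c, B_D, B_N);
    return modpow(sig, find_e(A_D, A_Z), A_N);
}

/* Counts 7-bit blocks (k = 7) that fail to survive the full exchange. */
static int roundtrip_failures(void) {
    int bad = 0;
    for (uint64_t m = 0; m < 128; m++) bad += decrypt_then_verify(sign_then_encrypt(m)) != m;
    return bad;
}

int main(void) {
    printf("e = %llu, failures = %d\n", (unsigned long long)find_e(B_D, B_Z), roundtrip_failures());
    return 0;
}
```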

  16. Digital Signatures
      • Strong digital signatures are essential requirements of a secure system. These are needed to verify that a document is:
        • Authentic: source
        • Not forged: not fake
        • Non-repudiable: The signer cannot credibly deny that the document was signed by them.

  17. Digest Functions
      • Are functions generated to serve as signatures. Also called secure hash functions.
      • It is message dependent.
      • Only the digest is encrypted using the private key.

  18. Alice’s bank account certificate
      1. Certificate type: Account number
      2. Name: Alice
      3. Account: 6262626
      4. Certifying authority: Bob’s Bank
      5. Signature: {Digest(field 2 + field 3)}_KBpriv

  19. Digital signatures with public keys

  20. Low-cost signatures with a shared secret key

  21. X509 Certificate format
      • Subject: Distinguished Name, Public Key
      • Issuer: Distinguished Name, Signature
      • Period of validity: Not Before Date, Not After Date
      • Administrative information: Version, Serial Number
      • Extended Information
      Certificates are widely used in e-commerce to authenticate Subjects. A Certificate Authority is a trusted third party, which certifies that public keys do truly belong to their claimed owners.
      Certificate Authorities: Verisign, CREN (Corp for Educational Research Networking), Thawte

  22. The Needham–Schroeder secret-key authentication protocol

      | Header | Message | Notes |
      |---|---|---|
      | 1. A->S: | A, B, NA | A requests S to supply a key for communication with B. |
      | 2. S->A: | {NA, B, KAB, {KAB, A}KB}KA | S returns a message encrypted in A’s secret key, containing a newly generated key KAB and a ‘ticket’ encrypted in B’s secret key. The nonce NA demonstrates that the message was sent in response to the preceding one. A believes that S sent the message because only S knows A’s secret key. |
      | 3. A->B: | {KAB, A}KB | A sends the ‘ticket’ to B. |
      | 4. B->A: | {NB}KAB | B decrypts the ticket and uses the new key KAB to encrypt another nonce NB. |
      | 5. A->B: | {NB - 1}KAB | A demonstrates to B that it was the sender of the previous message by returning an agreed transformation of NB. |

  23. [Figure: System architecture of Kerberos. Labels: Kerberos Key Distribution Centre (authentication database, authentication service A, ticket-granting service T); Step A: 1. Request for TGS ticket, 2. TGS ticket; Step B: 3. Request for server ticket, 4. Server ticket; Step C: 5. Service request; Client C (login session setup, DoOperation); Server S (server session setup, service function); request and reply encrypted with session key.]

  24. [Figure: SSL protocol stack. SSL protocols: SSL Handshake protocol, SSL Change Cipher Spec, SSL Alert Protocol, SSL Record Protocol. Other protocols: HTTP, Telnet. The stack runs over the transport layer (usually TCP) and the network layer (usually IP).]

  25. SSL handshake protocol

  26. SSL handshake configuration options

      | Component | Description | Example |
      |---|---|---|
      | Key exchange method | the method to be used for exchange of a session key | RSA with public-key certificates |
      | Cipher for data transfer | the block or stream cipher to be used for data | IDEA |
      | Message digest function | for creating message authentication codes (MACs) | SHA |

  27. [Figure: SSL record protocol. Application data (abcdefghi) → Fragment/combine → record protocol units (abc, def, ghi) → Compress → compressed units → Hash → MAC → Encrypt → encrypted → Transmit → TCP packet.]

  28. [Figure: Millicent architecture. Scrip layout: Vendor, Value, Scrip ID, Customer ID, Expiry date, Properties, Certificate.]

  29. WS-Security
      • Messaging is at the core of WS.
      • WS-Security provides enhancements to SOAP messaging to provide quality of protection through:
        • Message integrity
        • Message confidentiality
        • Message authentication
      • The standard allows for a wide variety of security models and encryption technologies.
      • A variety of authentication and authorization methods are also supported.
      • Binary security tokens can be attached to SOAP messages (Kerberos tokens, X509 tokens, etc.)

  30. WS-Security (contd.)
      • Authentication: X509 certificate associated with a subject.
      • Confidentiality: public key cryptography.
      • Integrity: digital signatures (XML signatures) and security tokens can be used to ensure the message originated from the appropriate sender.

  31. Summary
      • What is your security model?
        • User-password-biometrics authentication?
        • Association of certificate with user?
        • Single-sign on, proxy-certificate for grid computing?
        • PKI encryption for keys?
        • Kerberos for key distribution?
        • Secret-key-symmetric-key encryption of confidentiality and security?
        • Digital signatures + certificates for integrity?
